P
US8995271B2ActiveUtilityPatentIndex 45

Communications flow analysis

Assignee: LU WEIPriority: Apr 30, 2012Filed: Apr 30, 2012Granted: Mar 31, 2015
Est. expiryApr 30, 2032(~5.8 yrs left)· nominal 20-yr term from priority
Inventors:LU WEISUYDAM ORIONADAMS GREGORY K
H04L 41/14H04L 43/106H04L 43/10H04L 63/308H04L 63/123
45
PatentIndex Score
0
Cited by
16
References
20
Claims

Abstract

In one implementation, a communications flow analysis system determines whether a communications flow between a source and a destination should be retained. If the communications flow should be retained, the communications flow analysis system injects an extraneous data set into the communications flow in response to determining that the communications flow should be retained.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A non-transitory processor-readable medium storing instructions that when executed cause a system comprising a physical processor to:
 determine that a communications flow of data packets between a source and a destination should be retained; and 
 inject an extraneous data set into the communications flow in response to determining that the communications flow should be retained, the extraneous data set comprising an extraneous data packet that comprises a duplicate portion that is duplicated from a portion of a first data packet of the data packets of the communications flow, wherein the injecting causes sending of the extraneous data packet to the destination along with the data packets of the communications flow. 
 
     
     
       2. The processor-readable medium of  claim 1 ,
 wherein each of the data packets of the communications flow comprises a destination address identifying the destination; and 
 wherein the extraneous data packet comprises the destination address identifying the destination. 
 
     
     
       3. The processor-readable medium of  claim 1 ,
 wherein the duplicate portion of the extraneous data packet comprises a copy of a first control parameter of the first data packet. 
 
     
     
       4. The processor-readable medium of  claim 3 ,
 wherein the extraneous data packet comprises another control parameter that is different from the first control parameter of the first data packet. 
 
     
     
       5. The processor-readable medium of  claim 1 , wherein:
 the extraneous data set comprises a flow ticket having authentication information for the flow ticket. 
 
     
     
       6. The processor-readable medium of  claim 1 , wherein the extraneous data set comprises a flow ticket, the processor-readable medium further storing instructions that when executed cause the system to:
 store information associated with the flow ticket in a portion of a database associated with the flow ticket. 
 
     
     
       7. A method comprising:
 receiving, by a destination system comprising a physical processor, data packets of a communications flow, the data packets addressed from a source system to the destination system; 
 determining, by the destination system, whether the data packets of the communications flow comprise an extraneous data packet that comprises a flow ticket, the extraneous data packet injected into the communications flow by a flow analysis system disposed between the source system and the destination system; and 
 removing, by the destination system, the communications flow from a data store responsive to a determination that the communications flow does not comprise the extraneous data packet that comprises the flow ticket. 
 
     
     
       8. The method of  claim 7 , further comprising parsing, by the destination system, the extraneous data packet to find the flow ticket. 
     
     
       9. The method of  claim 7 , further comprising performing, by a compliance module in the destination system, compliance analysis on the communications flow responsive to a determination that the communications flow comprises the extraneous data packet that comprises the flow ticket. 
     
     
       10. The method of  claim 7 , further comprising authenticating, by an authentication module in the destination system, the flow ticket using authentication information in the extraneous data packet. 
     
     
       11. A communications flow analysis system, comprising:
 at least one physical processor; and 
 a flow ticket module executable on the at least one physical processor to:
 determine that a communications flow of data packets from a source to a destination should be retained, and 
 in response to determining that the communications flow should be retained, inject an extraneous data packet comprising a flow ticket into the communications flow, the extraneous data packet comprising a duplicate portion that is duplicated from a portion of a first data packet of the data packets of the communications flow, wherein the injecting causes sending of the extraneous data packet to the destination along with the data packets of the communications flow, wherein the data packets of the communications flow each comprises a destination address identifying the destination, and wherein the extraneous data packet comprises the destination address identifying the destination. 
 
 
     
     
       12. The system of  claim 11 , wherein the extraneous data packet comprises a first control parameter that is a copy of a first control parameter of the first data packet. 
     
     
       13. The system of  claim 12 , wherein the extraneous data packet comprises a second control parameter that is different from a second control parameter of the first data packet. 
     
     
       14. The system of  claim 11 , further comprising a database module to store information associated with the flow ticket in a portion of a database associated with the flow ticket. 
     
     
       15. The system of  claim 11 ,
 wherein the flow ticket module is executable to generate the flow ticket that includes authentication information within the flow ticket. 
 
     
     
       16. The processor-readable medium of  claim 1 , wherein the flow ticket comprises an identifier of the flow ticket and authentication information calculated by applying a function on content of the flow ticket. 
     
     
       17. The method of  claim 7 , wherein the extraneous data packet comprises a duplicate portion that is copied by the flow analysis system from a corresponding portion of a first data packet of the data packets of the communications flow. 
     
     
       18. The method of  claim 17 , wherein the duplicate portion in the extraneous data packet comprises duplicate control parameters of control parameters in the given data packet. 
     
     
       19. The method of  claim 17 , further comprising:
 disregarding, by a protocol layer of the destination system, the extraneous data packet in response to the extraneous data packet comprising the duplicate portion of the corresponding portion of the given data packet. 
 
     
     
       20. The method of  claim 7 , wherein the data packets, comprising the extraneous data packet, of the communications flow each comprises a destination address that identifies the destination system.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.